Creating DLP Policies In Office 365

Many organizations and large companies are now moving to Office 365 and using the services Microsoft offers there, such as SharePoint, Exchange, Project Online and Microsoft Dynamics. Moving to the cloud is a great step for the future, and it has many advantages: lower maintenance cost, guaranteed uptime, timely backup of our data by Microsoft, and access to services from anywhere.

Alongside these benefits, there are certain threats to our resources and data. We should not consider this a downside of cloud technologies, because whether we rely on on-premises or online services, some risks and threats will always be present.

However, there are many ways to secure our data. So, today, in this article, we will look at creating DLP policies for SharePoint, Exchange and OneDrive.

DLP stands for Data Loss Prevention. It inspects content and lets us take certain actions when a specific kind of risk is detected in the data. Using Microsoft’s “Security and Compliance” center, we can create DLP policies to protect our data. At this point, one question should come up: "From what kind of risk are we protecting our data?"

DLP policies are used to fulfill compliance requirements for securing sensitive information, such as that related to the U.S. Health Insurance Act (HIPAA), U.S. Gramm-Leach-Bliley Act (GLBA), or U.S. Patriot Act. More information on this can be found from here.

In today’s article, we will create DLP policies to detect US credit card numbers, bank account numbers, and driver license numbers.

  1. Log in to https://protection.office.com, click on “Policy” under Data loss prevention, and then click on “Create a policy”.

  2. In the next dialog, we can select templates for detecting card numbers, bank account numbers, and driver's license numbers. There are many OOTB (out-of-the-box) templates that we can use as per our requirement. If none of the templates fulfills our requirement, we can also create custom policies. For this article, we will use an OOTB template.

  3. From the dropdown, select “United States of America” as the location and click on “Privacy”, then click on “U.S. State Breach Notification Laws”. Finally, click Next.

  4. Give the policy a name and description and click Next.

  5. By default, DLP policies apply to Exchange, SharePoint and OneDrive, but here we have some flexibility: we can exclude some SharePoint sites and OneDrive accounts from the DLP policy, or we can apply the policy to only a few SharePoint sites and OneDrive accounts.

  6. For Exchange, we cannot change DLP policies to apply to specific email accounts.

  7. Select “All locations in Office 365. Includes content in Exchange email and OneDrive and SharePoint documents.” to cover all locations, or select the “Let me choose specific locations.” option to modify the locations for SharePoint and OneDrive.

  8. Choose the first option and click Next.

  9. In the next window, we need to select the target audience that we want to monitor, whether it is outside or inside of our organization. We can also use Advanced Settings to specify custom actions and rules.

  10. Select “Find content containing this type of sensitive info:” and check the box for “Detect when this content is shared:”. This will apply the DLP rules when content is shared across/outside of the organization. Then click Next.

  11. On the next screen, we can select whether we want to send notifications to the user when sensitive information is detected, along with some tips to avoid such scenarios in the future.

  12. Leave this page as it is and click Next.

  13. Now, we have the option of whether we want to test it, activate it, or if we want to activate it later.

  14. So, select “Yes, turn it on right away” and click Next.

  15. Finally, on the next screen, click on "Create" to activate our policy.

  16. Policy is now available under “Policy”.
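
The same policy can be created and checked from Security & Compliance PowerShell, which makes the location scope and enforcement mode explicit and reviewable. This is an added example, not part of the original walkthrough; the admin account, policy name and rule name are placeholders, and the rule lists only the three sensitive information types this article targets rather than reproducing the full OOTB template.

```powershell
# Added example: scripted equivalent of the wizard steps above.
# Assumes the ExchangeOnlineManagement module is installed and that the
# signed-in account may manage DLP policies. All names are placeholders.
Import-Module ExchangeOnlineManagement
Connect-IPPSSession -UserPrincipalName 'admin@contoso.example'   # placeholder account

$policyName = 'US Financial and ID Data'          # hypothetical policy name
$ruleName   = "$policyName - shared externally"   # hypothetical rule name

# Steps 13-14: 'Enable' matches "Yes, turn it on right away".
# 'TestWithNotifications' or 'TestWithoutNotifications' runs the policy
# in test mode first, so matches can be reviewed before enforcement.
$mode = 'Enable'

# Steps 4-8: name, description, and all Exchange/SharePoint/OneDrive locations.
$policyParams = @{
    Name               = $policyName
    Comment            = 'Detects US credit card, bank account and driver license numbers'
    ExchangeLocation   = 'All'
    SharePointLocation = 'All'
    OneDriveLocation   = 'All'
    Mode               = $mode
}
New-DlpCompliancePolicy @policyParams

# Steps 9-10: what to look for, and when the rule should fire.
$sensitiveTypes = @(
    @{ Name = 'Credit Card Number';           minCount = '1' },
    @{ Name = 'U.S. Bank Account Number';     minCount = '1' },
    @{ Name = "U.S. Driver's License Number"; minCount = '1' }
)
$ruleParams = @{
    Name                                = $ruleName
    Policy                              = $policyName
    ContentContainsSensitiveInformation = $sensitiveTypes
    AccessScope                         = 'NotInOrganization'  # assumed: content shared outside the org
}
New-DlpComplianceRule @ruleParams

# Step 16: confirm what was actually deployed instead of trusting the UI.
Get-DlpCompliancePolicy -Identity $policyName |
    Format-List Name, Mode, ExchangeLocation, SharePointLocation, OneDriveLocation
Get-DlpComplianceRule -Policy $policyName |
    Format-List Name, AccessScope, Disabled, ContentContainsSensitiveInformation
```

Reviewing the `Mode` and location fields in the output is a quick way to catch a policy that was left in test mode or scoped more narrowly than intended.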
